How to add a DNS record in GCP using Terraform?

I'm trying to get Terraform to add an "A" record to my DNS zone in GCP. Efforts to do so result in an error: "update server is not set". A similar error is described here. So I gather from comments made there that I need an update item in my dns provider. Which I dutifully tried to provide.

provider "dns" {
  update {
    server = "xxx.xxx.x.x"
  }
}

Except that I have no idea what IP goes in there, and my first attempts have failed.

Will I need other settings?

I note in the documentation the following format...

provider "dns" {
  update {
    server        = "192.168.0.1"
    key_name      = "example.com."
    key_algorithm = "hmac-md5"
    key_secret    = "3VwZXJzZWNyZXQ="
  }
}

I don't understand where these settings come from.

Update:
Martin's advice (accepted answer below) worked like a charm.

For the next person struggling with this, the trick was to use google_dns_record_set instead of dns_a_record_set.

The dns provider is implementing the standard DNS update protocol defined in RFC 2136: Dynamic Updates in the Domain Name System, which tends to be implemented by self-hosted DNS server software like BIND. In that case, the credentials would be configured on the server side by the BIND operator and then you'd in turn pass the given credentials into the provider.

Unfortunately, as DNS has tended towards being a managed service provided for you by various vendors, most of these vendors have chosen to ignore RFC 2136 and implement their own proprietary APIs instead. For that reason, the management capabilities of Terraform's dns provider are incompatible with most managed DNS products.

Instead, we manage these using a vendor-specific provider. In your case, since you are apparently using Google Cloud DNS, you'd manage your DNS zones and records using resource types from the google Terraform provider. Specifically:

Here is a minimal example to get started:

resource "google_dns_managed_zone" "example" {
  name     = "example"
  dns_name = "example.com."
}

resource "google_dns_record_set" "example" {
  managed_zone = google_dns_managed_zone.example.name

  name    = "www.${google_dns_managed_zone.example.dns_name}"
  type    = "A"
  rrdatas = ["10.1.2.1", "10.1.2.2"]
  ttl     = 300
}

A key advantage of these vendors using vendor-specific APIs is that the management operations integrate with the authentication mechanisms used for the rest of their APIs, and so as long as your Google Cloud Platform provider has credentials with sufficient privileges to manage these objects you shouldn't need any additional provider configuration for this.

Terraform has provider support for a number of different managed DNS vendors, so folks not using Google Cloud DNS will hopefully find that their chosen vendor is also supported in a similar way, by browsing the available providers.
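
For the self-hosted case described above, where a BIND operator issues RFC 2136 credentials, the provider settings from the question map onto the server's TSIG key as follows. This is an added example, not code from the original posts or from the provider documentation; the server address, zone and key name are constructed, and it uses hmac-sha256 with a variable-supplied secret rather than the hmac-md5 literal quoted in the question.

```hcl
# Added example; the server address, zone and key name are constructed.
#
# Server side, set up by the BIND operator (named.conf syntax, shown as comments).
# The key can be generated with: tsig-keygen -a hmac-sha256 tf-update.
#
#   key "tf-update." { algorithm hmac-sha256; secret "<base64 secret>"; };
#   zone "example.com" {
#     type master;
#     file "example.com.zone";
#     update-policy { grant tf-update. zonesub A; };  # key may only change A records
#   };

terraform {
  required_providers {
    dns = {
      source = "hashicorp/dns"
    }
  }
}

# The secret stays out of the .tf files; pass it in at run time.
variable "tsig_secret" {
  description = "Base64 TSIG secret issued by the DNS server operator"
  type        = string
  sensitive   = true
}

provider "dns" {
  update {
    server        = "192.0.2.53"  # authoritative server that accepts dynamic updates
    key_name      = "tf-update."  # must match the key name on the server, trailing dot included
    key_algorithm = "hmac-sha256" # must match the algorithm of the server-side key
    key_secret    = var.tsig_secret
  }
}

# Sent to the server as a TSIG-signed RFC 2136 update.
resource "dns_a_record_set" "www" {
  zone      = "example.com."
  name      = "www"
  addresses = ["192.0.2.10", "192.0.2.11"]
  ttl       = 300
}
```

The secret can be supplied through the `TF_VAR_tsig_secret` environment variable. Marking the variable `sensitive` hides it in plan output, but the value is still written to the Terraform state, so the state file needs the same protection as the key itself.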
